Senior Analyst, 1st Line Security – Controls Testing
TASC
full-time
Posted on:
Location Type: Office
Location: London • 🇬🇧 United Kingdom
Visit company websiteJob Level
Senior
Tech Stack
Cyber Security
About the role
- Support periodic testing of key and non-key controls in accordance with the Control Testing Methodology.
- Assess control design and operating effectiveness against internal policies, standards, regulatory requirements, and customer obligations.
- Timely collection of control testing evidence from relevant Control Owners to support scheduled testing activities.
- Prepare clear and accurate test documentation, including test procedures, execution results, and supporting evidence.
- Identify and document control deficiencies, ensuring timely escalation to the Manager and supporting remediation follow-up activities.
- Monitoring the control testing mailbox to ensure timely review and response to incoming queries and submissions.
- Work closely with 1st Line teams to obtain evidence, clarify control processes, and support accurate testing outcomes.
- Liaise with 2nd Line Security partners and Internal Audit as directed, ensuring transparency and alignment with control testing activities.
- Contribute to the preparation of management information, dashboards, and thematic analysis for governance forums.
- Support control owners by providing observations on control effectiveness and contributing to discussions on remediation approaches.
- Adhere to established control testing standards, procedures, and documentation requirements.
- Provide input on opportunities to streamline testing activities, improve efficiency, and enhance the consistency of outcomes.
- Maintain awareness of relevant regulatory requirements, emerging risks, and industry practices, particularly within the security domains.
- Contribute to strengthening the 3 Lines of Defence model by embedding robust and transparent testing practices.
Requirements
- Experience in control testing, or assurance, and risk management within security in a regulated environment.
- Good investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills.
- Good understanding of control frameworks and standards (e.g., NIST, CRI, ISO and PCI-DSS).
- Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities.
- Good communication and stakeholder engagement skills.
- Professional certifications such as CISA, CRISC, ISO 27001 or equivalent is desirable.
- Bachelor’s degree in Information Technology, Computer Science, Cyber Security, or related field.
Benefits
- Abide by Mastercard’s security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach;
- Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
control testingrisk managementanalytical skillscontrol frameworksNISTCRIISOPCI-DSSproblem-solvingdecision-making
Soft skills
investigative skillscommunication skillsstakeholder engagementproblem-solvingdecision-making
Certifications
CISACRISCISO 27001